Voline writes: In a tweet early this morning, cybersecurity researcher Christopher Soghoian pointed to an internal memo of India's Military Intelligence that has been liberated by hackers and posted on the Net. The memo suggests that, "in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as "RINOA") have agreed to provide backdoor access on their devices.

The Indian government then "utilized backdoors provided by RINOA" to intercept internal emails of the US-China Economic and Security Review Commission, a US government body with a mandate to monitor, investigate and report to Congress on "the national security implications of the bilateral trade and economic relationship" between the US and China. Manan Kakkar, an Indian blogger for ZDNet, has also picked up the story and writes that it may be the fruits of an earlier hack of Symantec.

If Apple is providing governments with a backdoor to iOS, can we assume that they have also done so with Mac OS X?

Then, went on tweeting things such as:
"if they fuck with me, I got all these websites all over me. Whatever I tell them to write, they write"

According to the new PR, Moises Chiullan, at Avenger, Paul is asking for money in exchange for the GoDaddy account access.
His demands include a contract written on his terms and substantial compensation, both immediate and for as long as the company continues to exist.

Hugh Pickens writes writes: "The high stakes standoff between Iran and the US over the Strait of Hormuz, the passageway for one-fifth of the world's oil, escalated this week as Iran's navy claimed to have recorded video of a US aircraft carrier entering the Port of Oman and the deputy chief of Iran's Revolutionary Guard Hossein Salami rejected US claims that it could prevent Iran from closing the strait. To drive the point home, Iran has started a 10-day naval exercise in the Persian Gulf to show off how it could use small speedboats and a barrage of missiles to combat America's naval armada while in a report for the Naval War College, US Navy Commander Daniel Dolan wrote that Iran has acquired “thousands of sea mines, wake homing torpedoes, hundreds of advanced cruise missiles (PDF) and possibly more than one thousand small Fast Attack Craft and Fast Inshore Attack Craft. The heart of the Iran's arsenal is its 200 small potential-suicide boats — fiberglass motorboats with a heavy machine gun, a multiple rocket-launcher, or a mine — and may also carry heavy explosives, rigged to ram and blow a hole in the hull of a larger ship. These boats will likely employ a strategy of “swarming”—coming out of nowhere to ambush merchant convoys and American warships in narrow shipping lanes. But the US Navy is not defenseless against kamikaze warfare. The US has put more machine guns and 25-millimeter gyro-stabilized guns on the decks of warships, modified the 5-inch gun to make it more capable of dealing with high-speed boats, and improved the sensor suit of the Aegis computer-integrated combat system aboard destroyers and cruisers. “We have been preparing for it for a number of years with changes in training and equipment,” says Vice Admiral (ret.) Kevin Cosgriff, former commander of U.S. Naval Forces Central Command."

An anonymous reader writes: What began as a simple reply to a Tor user on the subject of downloading PDF files through Tor, turned into a wealth of information on Tor OPSEC, or Tor Operations Security.

rhettb writes: After spending decades living among the Agta Negritos people in the Philippines, anthropologist Thomas Headland has found that the hunter gatherer tribes were quite commonly attacked by reticulated pythons (Python reticulatus). Headland found 26 percent of Agta Negritos men had been attacked by a reticulated python in the past, most bearing the scars to prove it. Women were attacked much less frequently, but since men spent their time hunting in the forest they were more likely to run into a python, an encounter that could prove deadly for either party.

Bad_Feeling writes: Ernesto, the piratical kingpin of TorrentFreak, has discovered that US movie and TV studios, including Sony Pictures, Fox Entertainment, and NBC Universal, are eager pirates as well. Sony employees were caught downloading dubstep music and a rip of Conan the Barbarian. Someone at the NBC Universal office in Fort Lauderdale downloaded the entirety of Game of Thrones season one. If the problem of piracy has taken root within the walls of the publishers and producers, suing hapless consumers seems stupendously hypocritical.

ahale writes: "The moment anyone finds out I research particle physics, the question is always asked: “Do you think we will find the Higgs Boson?” My immediate answer is always: No. Honestly, I do not really have any idea- I just like giving the short answer to avoid intense explanation. The Higgs Boson has received a lot of media attention. It is my aim to explain in plain terms: what is the Higgs Boson? And, why must it exist?

I should note: I am very much against the media hype of the Higgs Boson. It is just another part of the Standard Model (which I explain below), and there is no reason to pour so much money into crony corporate physics research. Had physics not been a political tinker toy of corporations and interested countries, the Higgs particle would have been experimentally verified years ago. In the explanation below, I put aside my own beliefs and just offer the facts.

The Higgs Boson is a mathematically proposed part of the Standard Model of Particle Physics (Which I will just abbreviate as: SM from now on). The SM is an explanation of the fundamental players in what actually constitutes all of reality. Molecules are made of atoms. Atoms are made of protons, neutrons, and electrons. Protons and neutrons are made of quarks. Quarks are bound together by a force. That is the quick definition of the SM. There are other particles as well, but they do not concern us- at this time. Think of the SM as the Periodic Table for Particle Physics.

The Higgs Boson is an esoteric but relevant player in the SM. While its role is formal and mathematical- it is responsible for the defining characteristic of particles.

In nature we have 4 fundamental forces that act upon the constituents. These forces are: Gravity, Electromagnetism, Weak force, and the Strong force. The first two are very familiar to humans and we encounter these every day. I will not bother to explain these two.

The Weak force is what causes radioactive decay of subatomic particles. It has two force carrier particles associated with it: The W and Z boson.

The Strong force has little to do with what I am trying to explain here. The strong force is what binds quarks together.

It was discovered by three Nobel Prize winning Physicists in 1979 that the electromagnetic force and the weak force are actually derived from a single unified force. This force is not unified until a particle accelerator reaches the level of ~100 TeV (tera electron volts). At the early universe, when everything was still hot enough- these two forces were indistinguishable.

Leaving out the tedious mathematics, when these forces are combined it can be views as symmetry. That is, one is symmetrical to the other and there is no preferred point of reference.

As mentioned above, the force carriers for the weak force are the W and Z boson, which are extremely massive, but very short range. The force carrier for the electromagnetic force is massless. How is this mass lost? The mass is converted into energy, that energy is essentially a photon (The force carrier of the electromagnetic force): the particle of light. The photon never rests; it always travels at light speed. The mass from the electroweak force, somehow gets converted into the energy of the electromagnetic force. (Recall Einstein’s famous equation). The answer: there must be a particle responsible for this. What is this proposed particle? That is the Higgs particle.

Let us take a moment to get some terms straight. In quantum mechanics, specifically quantum field theory- you may use these three terms interchangeably: field, wave, and particle. A field is something that may permeate a space. If one is to wiggle that field, a wave develops. The resulting wave is a differential equation of probability. The area where the probability is high: is where it is likely to find the “particle”. This short definition I offer is a mix of three ideas: the Schrodinger equations, the Heisenberg uncertainty principle, and the Copenhagen interpretation of quantum waves. You are welcome to research those further to get a better grasp.

To recap, the relationship is: fields: to wave: to particle. This explanation greatly ignores the particle wave duality. I do not intend to explain it here.

Going back to the Higgs particle.

It was proposed by Peter Higgs that a field must permeate all of space. The space between atoms, the space between everything: the people, planets, galaxies, and the universe. Anywhere where the laws of physics as we know, hold true: exists the Higgs field.

This idea sounds crazy to most people. If there is some kind of uniform field that is everywhere, should we not feel it? This field is only agitated at high energies; therefore we would need to “pluck” this field with a high energy “guitar pick” for lack of a better analogy.

For the past thirty plus years physicists have attempted to “pluck” this field. By doing so, they hope to create a wave which can be described to have the properties of the Higgs Particle as predicted by the SM.

How does this field create all the mass properties of all the particles known?

Trying to explain this is trying to put very formal mathematics into terms, but I think it is something I would like to try. As particles move through this field, the same effect that reduces the electroweak force into the electromagnetic force can turn energy into mass, just as it turns mass into energy. As we go up on the TeV scale, that is- as we get hotter and hotter- ever closer to the early universe, the electromagnetic and the weak forces become a single unified force. Also, the strong force begins to have less influence, instead it is replaced by the electroweak force until eventually they are a single force. This is believed to happen because of the “drag”, produced by the Higgs field.

The experimental discovery of the Higgs field by producing a Higgs Boson, would greatly explain the SM. It would explain why the fundamental forces converge and decohere (not to be confused with quantum decoherence). The discovery would complete the particle physics most successful model and lead to more accurate predictions about reality, cosmology, and the universe as a whole.

While it may not be the Higgs field that lends all the particles their mass and other properties, there is something out there. Something must cause these forces to converge and act differently upon the particles. Failure to find the Higgs would just give researchers another route to travel. Perhaps another force of nature? Or- Perhaps we misunderstand the high energy excitation of particles and forces. Either way, it is not likely the SM will be scrapped any time soon."

An anonymous reader writes: How many of us have wasted hours and hours searching for videos of Free Software on YouTube or other video sites, and sometimes we need refine the search results because of the useless that we find out there?

But someone thought, and put into practice what we all needed: Youpipe — a portal aggregator of Free and Open Source Software! or just FOSS.

An anonymous reader writes: According to IDC, compliance drives investment priorities in 2011 while financial companies will grow their compliance investments up to 15-20% of their IT budgets
In its recent White Paper titled "Compliance is More Than Just Cost: Creating Value Beyond Compliance" (#IDCWP05T) published in February, 2011 and sponsored by BalaBit, IDC, a leading provider of global IT research and advice firm, highlights that compliance investments, which are basically treated only as a spending to align with compulsory regulations, when extended to all processes including privileged and super users, can build trust and competitive advantage for the organizations. Not only banks, but all companies with complex IT systems must implement advanced controls to comply with regulations. Organizations and IT experts should look beyond the pressure for compliance and create added value by extending the existing investments with an activity and access management tool. Well-managed IT will contribute greatly to improve organizations margins, quality, reputation, attractiveness, brand, and global results.
According to IDC, 2011 will see a return to growth for IT investment strategies in EMEA banking after two years of regressive or flat spend. This market has multiple growth drivers, but the key component is the sheer volume of new regulations that are being added by local and regional oversight organizations that compound an already highly regulated industry. On average, European banks spend around 10% of their IT budget on compliance. In 2011, IDC expects this to increase to 15% to 20%, depending on the size of the organization.
”Compliance is a new task for many IT directors and Internal Security Experts. It calls for specific budgets and investments. Handling compliance efforts as an investment and utilizing them in value creation will become a new field in marketing competition. Organization must find a way to create value while spending on a compulsory basis.” – said Eric Domage, European Security Research and Consulting Director at IDC.
IT pervasion has transformed PCs, networks and servers into production tools that contribute to the value chain of any product or service. Once an automation gadget or task-easing tool, IT is now a pure tangible asset, a major contributor to added value. Therefore tight and agile management of assets is critical to the global organization. Within less than a decade, IT administrators who were once low value support resources became key to the generation of value.
Organizations should focus on improving access control on both the network and application layers, and not only for IT privileged users, but in many cases for specific users such as IT supports, executives, private bank operators, who also have access to the increasing volumes of transactional and customer data. The White Paper enhances, that all users with specific rights should be managed with the same way or more granularly than system administrators.
Key benefits of controlling advanced users: Fraud prevention and detection: log and event analysis tools can help to replay events and distribute liability over fraudulent internal IT operations.
Employee clearance: in case of any incident, event and logging tools will build the real history of the IT actions and clear those who behaved correctly.
Organizational transparency: tools can demonstrate and prove what the organization did in a critical situation and helps to prove the compliant behavior.
The IDC White Paper sponsored by BalaBit is available at BalaBit’s website: www.balabit.com/IDC_WP.
About BalaBit Shell Control Box Privileged IT User's Monitoring Tool
BalaBit IT Security — “the syslog company” — is aiming this promising market with Shell Control Box, a Linux based activity monitoring appliance for privileged access. Developed as the very first activity monitoring solution for privileged access in the global market, in cooperation with Sun Microsystems, Shell Control Box is one of the leading solutions worldwide. With Shell Control Box, BalaBit offers the most comprehensive privileged access monitoring solution in the industry, helping customers to meet even the highest level of IT Security and compliance regulations.
Resources
Executive summary of the IDC White Paper titled Compliance is More Than Just Costs: Creating Value Beyond Compliance, February, 2011, #IDCWP05T sponsored by BalaBit:
http://www.balabit.com/support/documentation/scb-whitepaper-IDC-creating-value-beyond-compliance-summary-en_0.pdf
Product overview video: http://www.youtube.com/watch?v=IiNRJGCb2UA
Shell Control Box Product Sheet: http://www.balabit.com/support/documentation/scb-v3.0-flyer-en.pdf
Shell Control Box Product Description: ttp://www.balabit.com/support/documentation/scb-v3.0-description-en.pdf
About BalaBit
BalaBit IT Security is an innovative information security company, one of the global leaders in developing privileged users management, trusted logging and firewall solutions to help customers be protected by insider and outsider threads and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.
BalaBit is also known as “the syslog-ng company”, based on the company's flagship product, the open source log server application, which is used by more than 650.000 customers worldwide and became the globally acknowledged de-facto industry standard.
BalaBit, the second fastest-growing IT Security company in the Central European region concerning Deloitte Technology Fast 50 list, has local agencies in France, Germany, Italy, Russia and cooperates with partners worldwide. Our R&D and global support center are located in Hungary, Europe.
For more information visit www.balabit.com.